Load balancing WAN, inside and outside trafic

Unanswered Question
Feb 23rd, 2009
User Badges:

Hi NetPro


Which Cisco device do I need to make a load balancing and faiulre tolerance for two WAN links with different ISP both to inside and outside traffic considering allowed access to published services from WAN interface to LAN.


Regards

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Giuseppe Larosa Mon, 02/23/2009 - 12:18
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Javier,

using a powerful enough Cisco router with BGP multihoming is fine for outbound traffic.


However, you cannot control the inbound direction.

You can try to influence inbound paths by performing selective AS path prepending towards the ISP eBGP peers but you cannot expect a fair distribution.

This is a known limit of BGP4.


There are other options to optimize outbound traffic sharing including OER but again for inbound direction it is easier to implement a strict hierarchy on return traffic.


for BGP multihoming see


http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a008009456d.shtml


effective BGP multihoming would require your company to ask a BGP AS number to RIRs (ARIN, RIPE and the others) and to have associated to it one or more public address blocks


you can consider also a primary/secondary solution using NAT that provides only redundancy but with less requirements


http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a0080091c8a.shtml


So depending on the size of your company the second option might be a better fit.


Hope to help

Giuseppe



jmecklenburg Mon, 02/23/2009 - 12:32
User Badges:

Hi Guislar


If don't exist a load balancer like some Allot device?

Giuseppe Larosa Mon, 02/23/2009 - 12:40
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Javier,

again a load balancer could work for outbound but not for inbound traffic


Each subject in the internet is free to decide how it sends traffic but it cannot influence how the others send back the traffic to it.

This is a question of routing and of current technology.

Even if you don't use BGP it is used by your providers.


Hope to help

Giuseppe


jmecklenburg Thu, 02/26/2009 - 09:13
User Badges:

thanks for your help


and for this implementation, a Cisco Router 3800 is enough?

Giuseppe Larosa Thu, 02/26/2009 - 11:28
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Javier,

a router C3845 can be enough if


you are not going to receive full routing table

the traffic volume the device needs to handle is within 50 Mbps (roughly)


Hope to help

Giuseppe


Actions

This Discussion